My objective is to set up a site like noip/dyndns.
I have purchased a domain (say locations.com). In my cPanel I have redirected that to a static IP (say 128.10.10.10).
I have created a subdomain (say device.locations.com) and redirected it to another static IP
(say 128.20.20.20). This is working fine.
However, I wish to set up a dynamic DNS service on device.locations.com (128.20.20.20).
I already installed bind (version 9 on CentOS 7).
The problem is:
Say I have a dynamic client, which I registered as "serial001.device.locations.com", which has the IP 50.50.60.1 (which will change over time).
If I issue "dig serial001.device.locations.com" on the DNS server (128.20.20.20/device.locations.com) I get:
;; ANSWER SECTION:
serial001.device.locations.com. 10 IN A 50.50.60.1
However, if I issue "dig serial001.device.locations.com" on another machine I am not getting any answer.
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52799
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
If I specifically say to use the nameserver as above (I have pointed jayaruvandns.tk to 128.20.20.20):
dig @locationsdns.tk serial001.device.locations.com
;; ANSWER SECTION:
serial001.device.locations.com. 10 IN A 50.50.60.1
How can I fix this issue?
(I am really new to DNS.)
I followed the blog below.
Original Post - Build your own DynDNS
My configuration was missing a DNS record in my config file.
You have to add these two DNS records to your example.com nameserver:
>dyn NS ns.example.com
>ns A 203.0.113.17
I transferred my domain (simplifybits.com) using Route 53 and it successfully transferred.
However my domain is not resolving anymore :(
This is what my setup looks like:
There are two buckets in S3
simplifybits.com
www.simplifybits.com
Route 53 configuration
simplifybits.com - A
s3-website.us-east-2.amazonaws.com.
simplifybits.com - NS
ns-1069.awsdns-05.org.
ns-31.awsdns-03.com.
ns-1556.awsdns-02.co.uk.
ns-535.awsdns-02.net.
simplifybits.com - SOA
ns-1069.awsdns-05.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
www.simplifybits.com - A
d3v4utl52t4eyk.cloudfront.net.
I had this same problem. Right now your domains still have Google as the name servers:
Tech Email: tech@simplifybits.com.whoisprivacyservice.org
Name Server: ns-cloud-d1.googledomains.com
Name Server: ns-cloud-d2.googledomains.com
Name Server: ns-cloud-d3.googledomains.com
Name Server: ns-cloud-d4.googledomains.com
It isn't obvious but go to the "Hosted zones" tab and select your domain. Then, copy the "NS" records. Now go to the "Registered domains" and select your domain. If you look you will likely see to the right that the "Name servers" still have Google. Click on "Add or edit name servers" and enter your name servers from above. The popup will keep adding lines for you.
It took me a while to get this right as, like you, I thought I had to only have the NS records correct but that isn't enough.
As @steve-harris points out you will still have to have S3 enabled to serve static content but you'll want to get DNS going first.
I have an internal domain, say example.com, in Windows AD DNS. I have created a sub-domain delegation, aws.example.com, with a glue record pointing to a BIND 9.8 instance in AWS (over site-to-site VPN).
The BIND instance has a single zone configured as a forward only (with forwarder) pointing to the AWS VPC subnet resolver which has an AWS Rt. 53 zone (aws.example.com) associated.
The problem is that resolution is not functioning correctly, sometimes... From my internal network, if I dig or nslookup against the Windows DNS for hosts in the Rt. 53 zone, I get no answer (although I do see the query hitting BIND). If I then dig/nslookup against the BIND instance directly it works.
Now if I go back to the first step, dig/nslookup against Windows DNS, I do get successful resolution.
It's as if the initial dig/nslookup, which is coming via Windows DNS, isn't triggering the forward only behavior and the direct query is & then caching the answer.
Can anyone provide insight into what I've done wrong or how to change this behavior?
BIND config:
acl goodclients {
    172.31.0.0/16;
    192.168.0.0/16;
    localhost;
    localnets;
};
options {
    directory "/var/cache/bind";
    recursion yes;
    allow-query { goodclients; };
    forwarders {
        172.31.0.2;
    };
    #forward only;
    dnssec-enable yes;
    dnssec-validation yes;
    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    querylog yes;
};
zone "aws.example.com" {
    type forward;
    forward only;
    forwarders { 172.31.0.2; };
};
Here's a sample of the fail-succeed-succeed sequence running queries to Windows, then BIND, then Windows again from 2 different clients:
windows AD dns domain example.com
\_ subdomain aws.example.com —> NS 172.31.32.5 (bind instance in AWS )
\_ —> forwarding to:172.31.0.2 (aws VPC resolver IP) to Rt.53 associated zone
client 1:
user1@vfvps-server:~ #date
Wed Sep 14 14:18:41 EDT 2016
user1@vfvps-server:~ #nslookup
> lserver 192.168.4.147 <—————windows dns
Default server: 192.168.4.147
Address: 192.168.4.147#53
> server1.aws.example.com
Server: 192.168.4.147
Address: 192.168.4.147#53
** server can't find server1.aws.example.com: NXDOMAIN
> exit
client 2:
KWK-MAC:~ user1$ date
Wed Sep 14 14:19:29 EDT 2016
KWK-MAC:~ user1$ dig @172.31.32.5 server1.aws.example.com <—— 172.31.32.5 = bind
; <<>> DiG 9.8.3-P1 <<>> @172.31.32.5 server1.aws.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23154
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0
;; QUESTION SECTION:
;server1.aws.example.com. IN A
;; ANSWER SECTION:
server1.aws.example.com. 300 IN A 172.31.14.41
client 1:
user1@vfvps-server:~ #date
Wed Sep 14 14:19:40 EDT 2016
user1@vfvps-server:~ #nslookup
> lserver 192.168.4.147
Default server: 192.168.4.147
Address: 192.168.4.147#53
> server1.aws.example.com
Server: 192.168.4.147
Address: 192.168.4.147#53
Non-authoritative answer:
Name: server1.aws.example.com
Address: 172.31.14.41
A Windows DNS server configured with a subdomain delegation will send an iterative query to your BIND server. BIND will respond only if it is authoritative or from cache.
(You can try dig +norecurse server1.aws.example.com @172.31.32.5 and it will fail.)
In your Windows DNS, you need to configure a "Conditional Forwarder" for aws.example.com.
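The `+norecurse` check from the answer above can be scripted; this is an added example, not code from the thread. It classifies a saved `dig +norecurse` reply as authoritative, cache-only or a miss, and the cache-only state is what produces the fail-succeed-succeed sequence in the question. The function names and the sample reply are constructed for this example.

```shell
#!/bin/sh
# Added example. Feed it the saved output of:  dig +norecurse <name> @<server>

# Print "<status> <aa:0|1> <answer-count>" parsed from dig output on stdin.
dig_summary() {
    awk '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { st = $(i + 1); sub(/,$/, "", st) }
        }
        /^;; flags:/ {
            for (i = 3; i <= NF; i++) {          # flag words end at the first ";"
                f = $i; last = sub(/;$/, "", f)
                if (f == "aa") aa = 1
                if (last) break
            }
            for (; i < NF; i++) if ($i == "ANSWER:") an = $(i + 1) + 0
        }
        END { print (st == "" ? "NONE" : st), aa + 0, an + 0 }'
}

# Classify the reply to a query sent without the RD bit, which is what a
# delegating parent (the Windows DNS server in the question) sends.
iterative_verdict() {
    set -- $(dig_summary)
    if [ "$1" != "NOERROR" ] || [ "$3" -eq 0 ]; then
        echo "miss"            # nothing authoritative, nothing cached
    elif [ "$2" -eq 1 ]; then
        echo "authoritative"   # a valid target for an NS delegation
    else
        echo "cache-only"      # answers only until the cached TTL runs out
    fi
}

# Constructed sample: the BIND forwarder queried before anything is cached.
iterative_verdict <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
EOF
```

A server that only ever reports "miss" or "cache-only" for a zone should be reached through a conditional forwarder rather than an NS delegation.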
I have a site hosted on AWS and recently the site went down with NXDOMAIN error. The site was working before and the issue doesn't appear to be with the site as the Elastic Beanstalk direct link (xxxx-prod.elasticbeanstalk.com) is working fine.
In my Route53 I have a CNAME linking to my (xxxx-prod.elasticbeanstalk.com) and a SOA and 4 NS records supplied by AWS. xxxx is a placeholder for the actual site name. Running dig...
dig xxxx.com any
; <<>> DiG 9.8.3-P1 <<>> xxxx.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63003
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;xxxx.com. IN ANY
;; AUTHORITY SECTION:
com. 895 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1435723016 1800 900 604800 86400
;; Query time: 31 msec
;; SERVER: 64.71.255.204#53(64.71.255.204)
;; WHEN: Tue Jun 30 23:57:22 2015
;; MSG SIZE rcvd: 102
It looks like my NS records might be the issue but I am not sure. Can someone confirm?
TLDR: you need to contact your registrar to figure out what's happening with the domains. You've left the domain in the question so I actually tried looking at what DNS was seeing for it.
Do you have an A record for your domain?
host vizibyl.com
Host vizibyl.com not found: 3(NXDOMAIN)
https://www.whois.net ->
Name Server: NS-1519.AWSDNS-61.ORG
Name Server: NS-1828.AWSDNS-36.CO.UK
Name Server: NS-228.AWSDNS-28.COM
Name Server: NS-544.AWSDNS-04.NET
Status: clientHold http://www.icann.org/epp#clientHold
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
http://www.icann.org/epp#clientHold
for clientHold:
This status code tells your domain's registry to not activate your domain in the DNS and as a consequence, it will not resolve. It is an uncommon status that is usually enacted during legal disputes, non-payment, or when your domain is subject to deletion.
Often, this status indicates an issue with your domain that needs resolution. If so, you should contact your registrar to resolve the issue. If your domain does not have any issues, but you need it to resolve, you must first contact your registrar and request that they remove this status code.
I've installed and run cldwalker's datomic-free recipe https://github.com/cldwalker/datomic-free on an EC2 instance.
;=> System started datomic:free://{EC2 private IP address}:4334/<DB-NAME>,
; storing data in: data
My free-transactor.properties file looks like this:
protocol=free
host={EC2 private IP address}
port=4334
h2-port=4335
h2-web-port=4336
I want to connect the database from outside EC2:
(require '[datomic.api :as d])
(def uri "datomic:free://{EC2 public IP address}:4334/om_async?h2-port=4335&h2-web-port=4336&aws_secret_key={xxx}&aws_access_key_id={yyy}")
(d/create-database uri)
But I get:
clojure.lang.ExceptionInfo: Error communicating with HOST
{EC2 private IP address} on PORT 4334 :: {:timestamp 1418304487036,
:host "{EC2 private IP address}", :version "0.9.5078", :port 4334,
:username "{XXX}", :peer-version 2, :alt-host nil, :password "{YYY}",
:encrypt-channel true}
What should I do to make this work?
UPDATE:
I have found the "Free Transactor on EC2" thread in the Datomic Google Group: https://groups.google.com/d/msg/datomic/wBRZNyHm03o/0SdNhqjF27wJ
Does this mean I can only connect to Datomic-free if my app runs on the same server?
Would I have the same problem (not being able to access the db from outside the server) if I get Datomic-free hosted on linode or digitalocean?
Thanks in advance for your help!
I had a very similar problem ("Error communicating with HOST on PORT 4334") and all I had to do was restart my computer, strangely enough. Something with the ports being tied up after having launched a local transactor, I think. Then again, you probably already tried that.
To allow remote peers access to embedded storage you must do three things:
choose two passwords for the embedded storage
set the storage-access property
add a password to the connection URI used by peers
Take a look at this link
I'm trying to put a set of EC2 instances behind a couple of Varnish servers. Our Varnish configuration very seldom changes (once or twice a year) but we are always adding/removing/replacing web backends for all kinds of reasons (updates, problems, load spikes). This creates problems because we always have to update our Varnish configuration, which has led to mistakes and heartbreak.
What I would like to do is manage the set of backend servers simply by adding or removing them from an Elastic Load Balancer. I've tried specifying the ELB endpoint as a backend, but I get this error:
Message from VCC-compiler:
Backend host "XXXXXXXXXXX-123456789.us-east-1.elb.amazonaws.com": resolves to multiple IPv4 addresses.
Only one address is allowed.
Please specify which exact address you want to use, we found these:
123.123.123.1
63.123.23.2
31.13.67.3
('input' Line 2 Pos 17)
.host = "XXXXXXXXXXX-123456789.us-east-1.elb.amazonaws.com";
The only consistent public interface ELB provides is its DNS name. The set of IP addresses this DNS name resolves to changes over time and with load.
In this case I would rather NOT specify one exact address - I would like to round-robin between whatever comes back from the DNS. Is this possible? Or could someone suggest another solution that would accomplish the same thing?
Thanks,
Sam
You could use an NGINX web server to deal with the CNAME resolution problem:
User -> Varnish -> NGINX -> ELB -> EC2 Instances
(Cache Section) (Application Section)
You have a configuration example in this post: http://blog.domenech.org/2013/09/using-varnish-proxy-cache-with-amazon-web-services-elastic-load-balancer-elb.html
Juan
I wouldn't recommend putting an ELB behind Varnish.
The problem lies in the fact that Varnish is resolving the name
assigned to the ELB, and it's caching the IP addresses until the VCL
gets reloaded. Because of the dynamic nature of the ELB, the IPs
linked to the CNAME can change at any time, resulting in Varnish
routing traffic to an IP which is not linked to the correct ELB
anymore.
This is an interesting article you might like to read.
Yes, you can.
In your default.vcl put:
include "/etc/varnish/backends.vcl";
and set the backend to:
set req.backend = default_director;
Then run this script to create backends.vcl:
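#!/bin/bash
# Rebuild backends.vcl from the addresses the ELB name currently resolves to.
FILE_CURRENT_IPS='/tmp/elb_current_ips'
FILE_OLD_IPS='/tmp/elb_old_ips'
TMP_BACKEND_CONFIG='/tmp/tmp_backends.vcl'
BACKEND_CONFIG='/etc/varnish/backends.vcl'
ELB='XXXXXXXXXXXXXX.us-east-1.elb.amazonaws.com'

# Resolve the ELB name; sorting keeps the comparison below order-independent.
IPS=($(dig +short "$ELB" | sort))
# Stop if nothing resolved, so an empty director is never written.
if [ ${#IPS[@]} -eq 0 ]; then
    echo 'no addresses resolved' >&2
    exit 1
fi
if [ ! -f "$FILE_OLD_IPS" ]; then
    touch "$FILE_OLD_IPS"
fi
echo "${IPS[@]}" > "$FILE_CURRENT_IPS"
DIFF=$(diff "$FILE_CURRENT_IPS" "$FILE_OLD_IPS" | wc -l)
cat /dev/null > "$TMP_BACKEND_CONFIG"
# Regenerate the config only when the address set has changed.
if [ "$DIFF" -gt 0 ]; then
    COUNT=0
    # One backend definition per resolved address.
    for i in "${IPS[@]}"; do
        let COUNT++
        IP=$i
        cat <<EOF >> "$TMP_BACKEND_CONFIG"
backend app_$COUNT {
    .host = "$IP";
    .port = "80";
    .connect_timeout = 10s;
    .first_byte_timeout = 35s;
    .between_bytes_timeout = 5s;
}
EOF
    done
    COUNT=0
    # Round-robin director referencing every backend defined above.
    echo 'director default_director round-robin {' >> "$TMP_BACKEND_CONFIG"
    for i in "${IPS[@]}"; do
        let COUNT++
        cat <<EOF >> "$TMP_BACKEND_CONFIG"
    { .backend = app_$COUNT; }
EOF
    done
    echo '}' >> "$TMP_BACKEND_CONFIG"
    echo 'NEW BACKENDS'
    mv -f "$TMP_BACKEND_CONFIG" "$BACKEND_CONFIG"
fi
mv "$FILE_CURRENT_IPS" "$FILE_OLD_IPS"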
I wrote this script to have a way to auto update the vcl once a new
instance comes up or down.
It requires that the .vcl has an include to backend.vcl.
This script is just a part of the solution; the tasks should be:
1. get new servername and IP (auto scale); can use AWS API cmds to do that, also via bash
2. update vcl (this script)
3. reload varnish
The script is here:
http://felipeferreira.net/?p=1358
Other people did it in different ways:
http://blog.cloudreach.co.uk/2013/01/varnish-and-autoscaling-love-story.html
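A hardened variant of the backend generator posted above, as an added example that is not part of any answer: it accepts only well-formed IPv4 lines from `dig +short` before interpolating them into VCL, keeps the last good file when resolution fails, and stages the new file with `mktemp` beside the target instead of under fixed names in /tmp. The function names and the `.backends.XXXXXX` template are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the answer's script. Input on stdin: one candidate per
# line, as printed by `dig +short <elb-name>`.

# Keep only dotted-quad IPv4 (octets 0-255); drops CNAME lines and dig errors.
valid_ipv4() {
    awk -F. 'NF == 4 {
        ok = 1
        for (i = 1; i <= 4; i++)
            if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) ok = 0
        if (ok) print
    }' | LC_ALL=C sort -u
}

# Emit Varnish 3 style backends plus the round-robin director used on the page.
render_vcl() {
    ips=$(valid_ipv4)
    [ -n "$ips" ] || return 1           # never emit an empty director
    n=0
    for ip in $ips; do
        n=$((n + 1))
        printf 'backend app_%d {\n    .host = "%s";\n    .port = "80";\n}\n' "$n" "$ip"
    done
    printf 'director default_director round-robin {\n'
    i=0
    while [ "$i" -lt "$n" ]; do
        i=$((i + 1))
        printf '    { .backend = app_%d; }\n' "$i"
    done
    printf '}\n'
}

# Returns 0 = file replaced (reload Varnish), 1 = unchanged, 2 = bad input.
update_backends() {
    target=$1
    # Temp file in the target directory: unpredictable name, same filesystem,
    # so mv is an atomic rename and nothing is staged in world-writable /tmp.
    tmp=$(mktemp "$(dirname "$target")/.backends.XXXXXX") || return 2
    if ! render_vcl > "$tmp"; then
        rm -f "$tmp"; return 2          # keep the last good config
    fi
    if [ -f "$target" ] && cmp -s "$tmp" "$target"; then
        rm -f "$tmp"; return 1
    fi
    chmod 644 "$tmp" && mv -f "$tmp" "$target"
}
```

Typical use is `dig +short "$ELB" | update_backends /etc/varnish/backends.vcl`, reloading Varnish only when it returns 0.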
You don't get to 10K petitions if you have to resolve an IP on each one. Varnish resolves IPs on start and does not refresh them unless it's restarted or reloaded. Indeed, Varnish refuses to start if it finds two IPs for a DNS name in a backend definition, like the IPs returned for multi-AZ ELBs.
So we solved a similar issue by placing Varnish in front of nginx. Nginx can define an ELB as a backend, so the Varnish backend is a local nginx and the nginx backend is the ELB.
But I don't feel comfy with this solution.
You could make the ELB in your private VPC so that it would have a local IP. This way you don't have to use any DNS kind of CNAMEs or anything which Varnish does not support as easily.
Using an internal ELB does not help the problem, because it usually has 2 internal IPs!
Backend host "internal-XXX.us-east-1.elb.amazonaws.com": resolves to multiple IPv4 addresses.
Only one address is allowed.
Please specify which exact address you want to use, we found these:
10.30.10.134
10.30.10.46
('input' Line 13 Pos 12)
What I am not sure about is whether these IPs will always remain the same or whether they can change. Anyone?
In my previous answer (more than three years ago) I hadn't solved this issue; my [nginx - varnish - nginx] -> ELB solution worked until the ELB changed IPs.
But for some time now we have been using the same setup, but with nginx compiled with the jdomain plugin.
So the idea is to place an nginx on the same host as Varnish and configure the upstream there like this:
resolver 10.0.0.2; ## IP for the aws resolver on the subnet
upstream backend {
    jdomain internal-elb-dns-name port=80;
}
That upstream will automatically reconfigure the upstream IPs if the ELB changes its addresses.
It might not be a solution using Varnish, but it works as expected.